HTTP Content-Location header usage

Никита Пискунов <n.piskunov91@gmail.com> Sat, 24 September 2016 21:06 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E04FD12B046 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 24 Sep 2016 14:06:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.235
X-Spam-Level:
X-Spam-Status: No, score=-9.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.316, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id niZGRvarYhHV for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 24 Sep 2016 14:06:50 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E9B212B049 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 24 Sep 2016 14:06:49 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1bnu5x-0004rA-RW for ietf-http-wg-dist@listhub.w3.org; Sat, 24 Sep 2016 21:02:49 +0000
Resent-Message-Id: <E1bnu5x-0004rA-RW@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <ylafon@w3.org>) id 1bnu5n-0004ob-Cu for ietf-http-wg@listhub.w3.org; Sat, 24 Sep 2016 21:02:39 +0000
Received: from raoul.w3.org ([128.30.52.128]) by maggie.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <ylafon@w3.org>) id 1bnu5l-0001aG-LQ for ietf-http-wg@w3.org; Sat, 24 Sep 2016 21:02:38 +0000
Received: from [37.160.38.57] (helo=[192.168.43.32]) by raoul.w3.org with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from <ylafon@w3.org>) id 1bnu5k-000AGn-UA for ietf-http-wg@w3.org; Sat, 24 Sep 2016 21:02:37 +0000
Content-Type: multipart/alternative; boundary="Apple-Mail=_548E7D3F-641C-4A3F-970E-4FF35D2F9786"
Mime-Version: 1.0 (Mac OS X Mail 10.0 \(3226\))
From: =?utf-8?B?0J3QuNC60LjRgtCwINCf0LjRgdC60YPQvdC+0LI=?= <n.piskunov91@gmail.com>
Resent-From: Yves Lafon <ylafon@w3.org>
Date: Wed, 21 Sep 2016 12:35:04 +0000
Resent-Date: Sat, 24 Sep 2016 23:02:34 +0200
Resent-To: ietf-http-wg@w3.org
Message-Id: <CAGnWK0SnbuXk69jaWm8PY88G7pyVx1zKkY9Och6SApeVJjhQBw@mail.gmail.com>
X-Name-Md5: efe3dad792d606410c9cc49cedaffc94
To: ietf-http-wg@w3.org
X-Mailer: Apple Mail (2.3226)
X-W3C-Hub-Spam-Status: No, score=-4.6
X-W3C-Hub-Spam-Report: ALL_TRUSTED=-1, BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, HTML_MESSAGE=0.001, NML_ADSP_CUSTOM_MED=0.9, RP_MATCHES_RCVD=-3.096, W3C_NW=0.5
X-W3C-Scan-Sig: maggie.w3.org 1bnu5l-0001aG-LQ 2d1512918919e4aea92974574ea8eeab
X-Original-To: ietf-http-wg@w3.org
Subject: HTTP Content-Location header usage
Archived-At: <http://www.w3.org/mid/CAGnWK0SnbuXk69jaWm8PY88G7pyVx1zKkY9Och6SApeVJjhQBw@mail.gmail.com>
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/32417
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hello,
i've already posted my comment about ambiguous Content-Location header usage description here as a GitHub Issue. And I've also decided to raise the discussion via email.

So, my question is:

The RFC 5789 discribes the apropriate usage of Content-Location header in PATCH:

A response to this method is only cacheable if it contains explicit freshness information (such as an Expires header or "Cache-Control: max-age" directive) as well as the Content-Location header matching the Request-URI, indicating that the PATCH response body is a resource representation.
So, it means, that Content-Location header must appear only if the actual represantation is the part of response body for PATCH.

Also the usage of Content-Location is mentioned in another RFC 7231:

For a state-changing request like PUT (Section 4.3.4) or POST (Section 4.3.3), it implies that the server's response contains the new representation of that resource, thereby distinguishing it from representations that might only report about the action (e.g., "It worked!"). This allows authoring applications to update their local copies without the need for a subsequent GET request.
So, accordingly to this information in both RFCs, the apropriate usage of Content-Location with state-changing requests are following:
Content-Location must appear in response only if response-body contains the new resourse representation.

But, there is also an example in RFC 5789:

Successful PATCH response to existing text file:

HTTP/1.1 204 No Content
Content-Location: /file.txt
ETag: "e0023aa4f"

The 204 response code is used because the response does not carry a message body (which a response with the 200 code would have). Note that other success codes could be used as well.

Furthermore, the ETag response header field contains the ETag for the entity created by applying the PATCH, available at http://www.example.com/file.txt <http://www.example.com/file.txt>, as indicated by the Content-Location response header field.
How you can see, there is a Content-Location presented in response with 204 status code (No content). Ofcourse, this response doesn't contain any body as well as new resourse representation. This fact adds some ambiguity in Content-Location header description. What is the correct usage of this header?